Another Security Hole Found in Android

When it comes to security, Google Android has long been the weaker contestant. After all, the simple availability of the code through the open source community also means that malicious coders will have the opportunity to exploit any and all weaknesses. By that same token, however, this means that Android must quickly resolve any issues that are made known to the public — as that public includes those who will quickly leap through any security hole.

As reported on Engadget, this particular issue was initially discovered by Xuxian Jiang of NCSU (North Carolina State University), who announced that the newest version of Android (2.3, aka “Gingerbread”) has a glaring microSD card flaw. What is that flaw exactly? Malicious websites may be able to tap into your microSD card as a platform through which it can transmit private data — everything from your voicemails to your online banking login info — to a third party.

This isn’t a brand new issue; it’s something Google struggled with in earlier versions of Android development, but which the company fixed prior to the 2.3 release. However, Jiang says that fix is simple to step around for anyone who understands the system. It is reported that Google is looking at the issue and plans on putting out another fix, but there’s no more specific data on the what or when.

This isn’t the first bump Gingerbread has run across, either. The THVB text bug, the SMS messaging glitch would would re-route text messages to unintended recipients without even notifying the sender who the message was heading to, was a glaring issue from day one that saw resolution only after a mass surge of attention to the issue. While Gingerbread remains an appealing OS, it’s hard to say whether it will be truly debugged before its successor, Ice Cream Sandwich, takes the scene.